IT incident at Washington Post: Data of almost 10,000 people leaked

Criminals have penetrated the renowned Washington Post through a security vulnerability in the Oracle E-Business Suite and copied data from almost 10,000 people. The cyber gang cl0p is likely behind this.

In a Notice of Data Privacy Incident from the Attorney General from the US state of Maine, the newspaper discusses the incident. According to the notice, the Post was contacted by the perpetrators on September 29. They claimed to have penetrated the Oracle E-Business Suite system. During the investigation, IT specialists were able to determine that the critical vulnerability CVE-2025-61882 in Oracle EBS was exploited. Unauthorized individuals accessed data between July 10 and August 22. On October 27, the Washington Post could verify that certain personal information of current and former employees as well as contractors were affected.

This includes, for example, names, bank details, social security numbers, or tax IDs. The Post began informing affected individuals via traditional mail starting November 12.

Cyber gang cl0p on a looting spree

Last week, it became known that the cyber gang cl0p new affected companies on its darknet leaksite had added. Among them were the Washington Post and Logitech. Logitech had admitted a cyber security incident over the weekend also admitted to a cyber security incident over the weekend and did not name the group responsible. However, it is likely that cl0p is behind the attacks in both cases.

The criminal online organization repeatedly exploits vulnerabilities, for example, in data transfer software, to penetrate the IT systems of numerous companies and copy potentially valuable data, which they then use to extort the companies. At the end of February, for instance, around 230 new companies on cl0p's darknet leaksite appeared.

(dmk)